Please add support for local ssl certificate files.

[jearton]

Is your feature request related to a problem? Please describe.

No.

Describe the solution you'd like

Add SSL Certificate which point to a local path.

Describe alternatives you've considered

I use acme.sh to generate SSL certificate.

Additional context

[jmarler]

I also am using an external script to manage my Let's Encrypt. I'm using Dreamhost as the DNS provider for one of my domains, and it is not currently supported by NPM. If I could just point NPM at a certificate that is mounted in the container, that would make things much easier.

[ssrahul96]

Could you try this as a workaround?

1. upload your custom SSL certificate
2. It should create a directory under /data/custom_ssl/npm-{{id}}, which you would ve already mounted as docker volume
3. rsync you required / updated certificate to that mounted volume at required intervals?

[jearton]

@ssrahul96 That sounds practicable.

[Frechetta]

@ssrahul96 that doesn't work. The certificates are stored in the database (certificate table).

[ssrahul96]

@Frechetta , Then it should be straight forward to update it in database rite?

[spcqike]

@Frechetta you are not quite right. the certificate information (eg. expiring date) is stored in a database, however the certificate itself is stored in the local filesystem.
have a look at #1618
it is possible to change the cert files in the filesystem, however the information in the UI are wrong afterwards.

so it is possible to either manually rsync an external SSL cert to the filesystem or mount it from elsewhere to your container.

[JokerQyou]

so it is possible to either manually rsync an external SSL cert to the filesystem or mount it from elsewhere to your container.

Maybe it's easier to use cURL or other tools to call the "update certificate" API just like the web UI does. The only problem is: there is no API documentation.

[ozumado]

I am currently using below Advanced setting to use local SSL certificate that gets pushed via rsync from different machine, would be awesome if we get some kind of GUI for that...

listen 443 ssl http2;

  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-ciphers.conf;
  include conf.d/include/force-ssl.conf;
  ssl_certificate /data/ssl/fullchain.pem;
  ssl_certificate_key /data/ssl/privkey.pem;

[github-actions]

Issue is now considered stale. If you want to keep it open, please comment 👍

[jmarler]

I am still interested in having this as an official feature, not a hack.

[github-actions]

Issue is now considered stale. If you want to keep it open, please comment 👍

[SimonFischer04]

👍

[freakma]

👍